rgod

471 exploits Active since Jul 2005
EIP-2026-111377 EXPLOITDB php WORKING POC
PmWiki 2.1.19 - 'Zend_Hash_Del_Key_Or_Index' Remote Command Execution
EIP-2026-111349 EXPLOITDB php WORKING POC
Plogger Beta 2.1 - Administrative Credentials Disclosure
CVE-2006-2889 EXPLOITDB php WORKING POC
Pixelpost < 1.5_rc1 - SQL Injection via Category or Archivedate Parameter
Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and earlier allow remote attackers to execute arbitrary SQL commands, and leverage them to gain administrator privileges, via the (1) category or (2) archivedate parameter.
CVE-2006-6661 EXPLOITDB php WORKING POC
php-update < 2.7 - Remote Code Execution via Variable Overwrite in blog.php
Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code via multiple vectors that use the extract function, as demonstrated by the (1) f, (2) newmessage, (3) newusername, (4) adminuser, and (5) permission parameters.
CVE-2005-2651 EXPLOITDB php WORKING POC
Zorum 3.5 - Remote Code Execution via argv Parameter
gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter.
EIP-2026-111162 EXPLOITDB text WORKING POC
PHPMyFAQ 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-111161 EXPLOITDB text WRITEUP
PHPMyFAQ 1.5.1 - Logs Unauthorized Access
EIP-2026-111160 EXPLOITDB text WRITEUP
PHPMyFAQ 1.5.1 - Local File Inclusion
CVE-2005-3048 EXPLOITDB php WORKING POC
phpmyfaq 1.5.1 - Directory Traversal and Arbitrary File Read via LANGCODE Parameter
Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allows remote attackers to read arbitrary files or include arbitrary PHP files via a .. (dot dot) in the LANGCODE parameter, which also allows direct code injection via the User Agent field in a request packet, which can be activated by using LANGCODE to reference the user tracking data file.
EIP-2026-111150 EXPLOITDB php WORKING POC
phpMyChat 0.15.0dev - SYS enter Remote Code Execution
EIP-2026-111112 EXPLOITDB php WORKING POC
phpList 2.10.2 - 'GLOBALS[]' Remote Code Execution
CVE-2005-2792 EXPLOITDB text WRITEUP
phpLDAPadmin <0.9.8 - Path Traversal
Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter.
CVE-2006-0786 EXPLOITDB php WORKING POC
PHPKIT 1.6.1 Release 2 - Code Injection
Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier, with allow_url_fopen enabled, allows remote attackers to conduct PHP remote file include attacks via a path parameter that specifies a (1) UNC share or (2) ftps URL, which bypasses the check for "http://", "ftp://", and "https://" URLs.
CVE-2006-6966 EXPLOITDB php WORKING POC
phpgraphy < 0.9.13 - Remote Code Execution via Config File Upload
phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures[] parameter to index.php. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpGraphy.
CVE-2005-4468 EXPLOITDB php WORKING POC
PHPGedView <= 3.3.7 - Remote File Inclusion via PGV_BASE_DIRECTORY Parameter
PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter.
EIP-2026-111059 EXPLOITDB text WORKING POC
PHPFreeNews 1.x - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-111058 EXPLOITDB text WORKING POC
PHPFreeNews 1.x - Admin Login SQL Injection
CVE-2005-4593 EXPLOITDB php WORKING POC
phpDocumentor 1.3.0 rc4 - Remote File Inclusion via FORUM[LIB] or root_dir Parameter
PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary code via a URL in the (1) FORUM[LIB] parameter in Documentation/tests/bug-559668.php and (2) the root_dir parameter in docbuilder/file_dialog.php.
EIP-2026-111025 EXPLOITDB text WORKING POC
phpCommunityCalendar 4.0 - Multiple SQL Injections
EIP-2026-111024 EXPLOITDB text WORKING POC
phpCommunityCalendar 4.0 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2006-1495 EXPLOITDB php WORKING POC
PHPCollab 2.4-2.5.rc3, NetOffice 2.5.3-pl1-2.6.0b2 - SQL Injection
SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote attackers to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option.
CVE-2005-4213 EXPLOITDB php WORKING POC
phpCOIN 1.2.2 - SQL Injection via phpcoinsessid Cookie
SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary SQL commands via the phpcoinsessid cookie.
EIP-2026-110970 EXPLOITDB php WORKING POC
phpBB 3 - 'memberlist.php' SQL Injection
CVE-2006-4450 EXPLOITDB text WRITEUP
PHPBB 2.0.20 - Server-Side Request Forgery via Avatar URL Parameter
usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote attackers to use the server as a web proxy by submitting a URL to the avatarurl parameter, which is then used in an HTTP GET request.
EIP-2026-110958 EXPLOITDB php WORKING POC
phpBB 2.0.20 - Admin/Restore DB/default_lang Remote Command Execution